Tag / security

Adware can bring down your PC, a virus can mass-mail annoying contents to all the contacts in your address book, a key logger can send every keystroke of yours to someone on the Net—and these are just a few risks that are out there affecting PCs. Also, for someone even moderately well versed with operating systems, getting into a poorly-secured PC is child’s play.

WHY SECURITY?

As computers become more and more integrated into our lives, we end up leaving a lot of sensitive information on our PCs—from passwords, e-mail IDs (even official e-mail IDs) and bank accounts to personal diaries and notes, business plans (or worse still, tender bids), confidential documents, a log of surfing habits (which can be viewed out of context), a backup of phone SMSes, and much more. Then there is another risk, especially when you are online—viruses and spyware. Though viruses and spyware are talked about in the same breath, there is one fundamental difference: a virus is written to cause damage to your operating system, programs or files, usually with no direct benefit to the virus creator. Spyware, on the other hand, is written for gain. This could be by tracking the surfing habits of a user on an infected computer and sending this information to someone who would send the user advertisements supposedly targeted at him based on his surfing habits.

Very strictly speaking, spyware is not intended to cause damage, at least in the traditional sense, but more often than not, they end up doing so on your PC, which is rendered difficult to repair. When we speak of computer security, what we mean is the ways in which you can prevent people from accessing data on your computer, keep your computer safe from viruses and spyware, and protect yourself from hacking and phishing.

The Internet

The Internet brings the world to your desktop, no doubt. But that world also includes a sub-world of spyware, worms, phishing attacks, and more. The most common of online irritants is spam e-mail. Spam is simply unsolicited email that urge you to buy herbal concoctions to enlarge certain body parts, promise youthfulness via a pill, say that you’ve won a Rolex watch, and so on. These mails invariably contain a link to a supposed online store that will ask you for a credit card number for an online payment. It is difficult to believe how someone can fall for a trick like this, but apparently, there are a few innocent people out there who get tricked into buying a “herbal” cure or a “collector’s watch.” Needless to say, you need to just delete these mails. The other common annoyance, which can also bring down your PC, is spyware / adware. The source of these is most usually pornographic sites or those with cracks for software. These sites can also be the very links you get in spam mail. Once they get installed, they are able to send a list of the Web sites you surf, and even your e-mail address. Based on your surfing habits, spam is sent to your email ID, advertising products or services that would ostensibly be of interest to you. An adware program will open browser windows all by itself and direct you to Web sites selling products of the same nature. Some of them are so designed that if you close the window that they bring up, they will open two or more instantly! If you receive a suspicious looking file in an e-mail (something like “annakournikova nude playing tennis.avi.scr”) even from a known source, do not download the file. It is likely that a virus has hacked into the sender’s e-mail client (or even disguised the sending address as something else—yes, that’s possible too) and is sending out spam or offensive mails.

Spyware

The affected person may not even know that spam mails from his ID are being sent. You can be a good friend and call him up to let him know of this so he can take curative measures. Some sites even make use of the fact that people occasionally make typographical errors! A recent example is www.ork0t.com (now taken down), which you could have visited if you typed what you thought was “www.orkut.com” and made a typo. When one entered one’s user ID and password into that site, it would be used to hack into your account and send out spam to all your contacts! Phishing is a threat that can potentially rob you of your money. It’s a means of fooling you into disclosing your login details of any site / service. If you are using an e-banking service, be very careful of mails that you may receive claiming to be from your bank, asking you to fill in your login details. As a policy, most banks do not send out e-mails asking you to fill in any e-banking details. If you do receive such a mail, it is fake. Before you fill out any details on a site following a link sent via e-mail, do confirm with your bank’s customer care if they have indeed sent out such a mail. Visit only your bank’s official site for all transactions.

Attacks From Known Sources

It is not uncommon for crime investigators to find that the culprit was known to the victim—this is the case with computer security as well. Someone who works at your computer may access your personal files—and even your surfing habits. It is not generally practical to keep your PC under lock and key, but what you can have is a digital version of a lock and key: set up passwords and encrypt files.

Data theft is a growing concern amongst corporates. Personal and professional harm can arise if someone gets accessto your private data or worse still, your e-mail, wherein they could email someone posing as you. You can assign a password to access your PC and, similarly, password-protect your files as a first step to safeguard yourself from this risk. And, it is good practice not to let anyone install unfamiliar programs on your computer.

You must realize that given sufficient time and resources, a competent enough person can eventually break into your PC, but that is no reason to leave it entirely unsecured.